UK Parliament’s Digital, Culture, Media and Sport (DCMS) committee has released details that show Facebook’s possible intention of selling its’ user data to the highest bidder in the market. The information was gained from emails which were confiscated by DCMS committee from the chief of a software firm Six4Three that is suing the social media giant.
The Committee has published some 250 pages, some of which are marked "highly confidential" and Facebook had objected to their release in public. Most of these are emails between Facebook founder Mark Zuckerberg and his staff.
Damian Collins MP, the chair of the DCMS parliamentary committee involved, highlighted several "key issues" in an introductory note. He writes:
- Facebook knew about an update to its Android app that would let it collect records of users' calls and texts and predicted that this information would be controversial. They discussed ways to do it without requiring users to actively opt in. "To mitigate any bad PR, Facebook planned to make it as hard as possible for users to know that this was one of the underlying features (of the update)," Collins wrote.
Correspondence: 4 February 2015
Michael LeBeau (Facebook product manager): "As you know all the growth team is planning on shipping a permissions update on Android at the end of this month. They are going to include the 'read call log' permission... This is a pretty high-risk thing to do from a PR perspective but it appears that the growth team will charge ahead and do it."
- Zuckerberg was keen on creating a revenue model out of the data that Facebook had access to through its users. There was continuous back and forth on the financial value of providing access to friends' data. With the Cambridge Analytica scandal as backdrop today, Zuckerberg’s emails from 2012 show that he was not focused on protecting the privacy of Facebook users. He even acknowledged that those using Facebook’s platform to develop apps were receiving leaked data from the social media platform.
Correspondence: October 2015
Mark Zuckerberg (Facebook chief executive): "It's not at all clear to me here that we have a model that will actually make us the revenue we want at scale. I'm getting more on board with locking down some parts of platform, including friends' data and potentially email addresses for mobile apps. I'm generally sceptical that there is as much data leak strategic risk as you think... I think we leak info to developers but I just can't think of any instances where that data has leaked from developer to developer and caused a real issue for us."
- Facebook acquired an Israeli analytics firm Onavo which allowed it to harvest information about other mobile apps which were being downloaded and used by the public on iPhones. It then used this knowledge to decide which apps to acquire or otherwise treat as a threat. The company used this information in 2013 to show that WhatsApp was more popular on mobile than Facebook Messenger; it acquired the company a year later. In the same vein, when Twitter launched its mobile video app Vine, Facebook blocked access to the company’s Find Friends API, preventing Vine to grow the way Facebook’s own Instagram had – by piggybacking on to a wider social network.
Correspondence: 24 January 2012.
Justin Osofksy (Facebook vice president): "Twitter launched Vine today which lets you shoot multiple short video segments to make one single, 6-second video... Unless anyone raises objections, we will shut down their friends API access today. We've prepared reactive PR, and I will let Jana know our decision."
Mark Zuckerberg (Facebook chief executive): "Yup, go for it."
- Facebook allowed some companies to maintain "full access" to users' friends data even after announcing changes to its platform in 2014/2015 to limit what app developers' could see. The DCMS committee chairman says, "It is not clear that there was any user consent for this, nor how Facebook decided which companies should be whitelisted.” There was also no logic provided why some app were given access while others were not. These apps which had access are:
- Dating service Badoo, its spin-off Hot or Not, and Bumble - another dating app that it had invested in
- Car pick-up service Lyft
- Video-streaming service Netflix
- Short-rental service Airbnb
In response, Facebook has said that the documents had been presented in a "very misleading manner" and required additional context. Zuckerberg has also posted his response on his Facebook page. "I understand there is a lot of scrutiny on how we run our systems. That's healthy given the vast number of people who use our services around the world, and it is right that we are constantly asked to explain what we do," he said.
"But it's also important that the coverage of what we do - including the explanation of these internal documents - doesn't misrepresent our actions or motives."
However, Zuckerberg's defence is weak considering the Cambridge Analytica case in which Cambridge Analytica’s UK parent company, Strategic Communications Laboratories’ partner GSR, had harvested the personal data of millions of people's Facebook profiles without their consent and used it for political purposes.